{"_id":"56d1fb6293f76e0b00bbc5e4","category":{"_id":"55284ed68962f339009a67e1","__v":6,"pages":["552854af60c60f230003fb96","5528553ad9e1db2d00cd9292","55286c7d391a362500d9b3f5","55290f5bceedaa0d00bc5c5b","56d1fb3d93f76e0b00bbc5e2","56d1fb6293f76e0b00bbc5e4"],"project":"552829408962f339009a678d","version":"552829408962f339009a6790","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-04-10T22:29:42.627Z","from_sync":false,"order":9,"slug":"protocol","title":"MTProto v2"},"user":"55282916d9e1db2d00cd923c","project":"552829408962f339009a678d","parentDoc":null,"__v":0,"version":{"_id":"552829408962f339009a6790","project":"552829408962f339009a678d","__v":26,"createdAt":"2015-04-10T19:49:20.516Z","releaseDate":"2015-04-10T19:49:20.516Z","categories":["552829418962f339009a6791","55284ed68962f339009a67e1","55286c73391a362500d9b3f4","552918f6b316811900149f59","5529b255d739240d00a3483e","553287590a578a0d008d4ff5","55329385e7d1fa0d003fc946","5550b55200420e0d00d1312f","55525fca953c9c0d00f507d7","559199695631432f002d358a","559d8d96980b801700d5ec7e","55c5e833cccdeb2d004e24b9","55d76504f662951900fc0e7d","55ea213cc62aa02f008229cd","56157b750f5ed00d00483dd8","561981fbac0924170069f4e8","561b8b1ea430930d0037ea67","563417428b86331700b488ca","56cd785bface161300dae0ec","56cdcc6e70db8a15006395f4","56cdf1b749abf10b0036a34a","56cedc8ce50c9c1b00830423","56e97ba8d825061900d1ac83","570d505228e6900e00477229","573614ca2ab52e1700c8e851","57d556a2496a3117004d70cf"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-02-27T19:39:14.380Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":6,"body":"# Encryption\n\nMTProto v2 Rev3 enables encryption support to replace or enchanse TLS one. Unlike TLS, actor use multiple encryption schemes at one time. Actor encrypts message with US encryption and then again encrypt with Russian encryption that in result guarantee absolute encryption streight. US encryption is performed with AES-128-CBC-HMAC-SHA256 and Russian layer is Kuznechik-CBC-HMAC-Streebog.\n\nWe are not invenging the wheel and implement encryption logic exactly as [TLS 1.2 CBC block chipcher](https://tools.ietf.org/html/rfc5246#section-6.2.3.2) is.\n\nIn Rev4 we will enable support for Axolotl Ratched like encryption directly in protocol.\n\n**Protocol uses 256 bits of block length in HMAC instead of standart one**. This was caused by bug in initial implementation of HMAC, but doesn't affect security parameters.\n\nHMAC is calculated from (seqNumber + iv + content.length + content).\n\n## Base Encrypted Package\n\n```\nEncryptedPackage {\n  HEADER = 0xE8\n  // Sequence number starting from zero for each direction\n  seqNumber: long\n  // First encryption level\n  encryptedPackage: bytes\n}\n```\n\nContainer for encryption level. First one is AES, second one is Kuznechik. After decrypting AES package, you will get other EncryptionCBCPackage, decrypt it and you will get Plain Text Message object.\n\n```\nEncryptionCBCPackage {\n  iv: bytes\n  encryptedContent: bytes\n}\n```","excerpt":"","slug":"encryption","type":"basic","title":"Encryption"}
# Encryption MTProto v2 Rev3 enables encryption support to replace or enchanse TLS one. Unlike TLS, actor use multiple encryption schemes at one time. Actor encrypts message with US encryption and then again encrypt with Russian encryption that in result guarantee absolute encryption streight. US encryption is performed with AES-128-CBC-HMAC-SHA256 and Russian layer is Kuznechik-CBC-HMAC-Streebog. We are not invenging the wheel and implement encryption logic exactly as [TLS 1.2 CBC block chipcher](https://tools.ietf.org/html/rfc5246#section-6.2.3.2) is. In Rev4 we will enable support for Axolotl Ratched like encryption directly in protocol. **Protocol uses 256 bits of block length in HMAC instead of standart one**. This was caused by bug in initial implementation of HMAC, but doesn't affect security parameters. HMAC is calculated from (seqNumber + iv + content.length + content). ## Base Encrypted Package ``` EncryptedPackage { HEADER = 0xE8 // Sequence number starting from zero for each direction seqNumber: long // First encryption level encryptedPackage: bytes } ``` Container for encryption level. First one is AES, second one is Kuznechik. After decrypting AES package, you will get other EncryptionCBCPackage, decrypt it and you will get Plain Text Message object. ``` EncryptionCBCPackage { iv: bytes encryptedContent: bytes } ```